Thank you to one and all who help.
Below are the Ewido and HiJackThis logs:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 4:43:44 PM, 21/07/2005
+ Report-Checksum: CDC4C992
+ Scan result:
C:\WINDOWS\system32\latest.exe -> Trojan.Crypt.c : Cleaned with backup
C:\WINDOWS\system32\symcsvc.exe -> Trojan.Crypt.c : Cleaned with backup
C:\WINDOWS\system32\ztoolb004.dll -> Spyware.Zbar : Cleaned with backup
C:\WINDOWS\system32\msexnpfi.exe -> Adware.BetterInternet : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Merran\Application Data\Mozilla\Firefox\Profiles\cl7ards7.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Backup\Merran\Cookies\merran@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Backup\Merran\Cookies\merran@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Backup\Merran\Cookies\merran@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Backup\Merran\Cookies\merran@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Backup\Merran\Cookies\merran@gator[1].txt -> Spyware.Cookie.Gator : Cleaned with backup
C:\Backup\Merran\Cookies\merran@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Backup\Merran\Cookies\merran@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Backup\Merran\Cookies\merran@targetnet[1].txt -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Backup\Merran\Cookies\merran@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Backup\Merran\Cookies\merran@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Backup\Merran\Cookies\merran@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Backup\Merran\Cookies\merran@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Backup\Merran\Cookies\merran@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Backup\Merran\Cookies\merran@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Backup\Merran\Cookies\merran@ehg-hasbro.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Backup\Merran\Cookies\merran@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
::Report End
=============================================
Logfile of HijackThis v1.99.1
Scan saved at 5:05:37 PM, on 21/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Documents and Settings\Merran\Desktop\Nick\ewido\security suite\ewidoctrl.exe
C:\Documents and Settings\Merran\Desktop\Nick\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\~update.exe
C:\Program Files\Sierra\Planner\PLNRnote.exe
C:\Documents and Settings\Merran\Desktop\Nick\HiJackThis\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.sympatico.ca/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-ca\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SNInstall] C:\WINDOWS\system32\~update.exe
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Program Files\Sierra\Planner\PLNRnote.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1457537640
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{03F3CBF6-9969-4FDC-9CD5-CE02BF277D5C}: NameServer = 69.50.188.180,85.255.112.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2F1E3C2-3284-42D7-AB8E-BE4A84FA3F5A}: NameServer = 69.50.188.180,85.255.112.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{03F3CBF6-9969-4FDC-9CD5-CE02BF277D5C}: NameServer = 69.50.188.180,85.255.112.5
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Documents and Settings\Merran\Desktop\Nick\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Documents and Settings\Merran\Desktop\Nick\ewido\security suite\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: svchost.exe (moto) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)